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earned patent term adjustment. See 37 CFR 1 .704(b). 
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1)S Responsive to communication(s) filed on 10 March 2006 . 
2a)IEI This action is FINAL. 2b)n This action is non-final. 
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Application Papers 
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Replacement drawing sheet(s) Including the connection is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) n The oath or declaration is objected to by the Examiner. Note the attached Office Action orfomi PTO-152. 
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DETAILED ACTION 

1. This is in response to amendment filed 3/10/06 in which claims 1-25 are pending. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1-25 have been considered but are moot in 
view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

4. Claim 1 is rejected under 35 U.S.C. 102(e) as being anticipated by U.S. Patent 
Application No. 2003/0212779 to Boyter et al. 

a. As per claim 1,15 and 26, Boyter et al teaches a system and method for network security 
scanning. Furthermore, Boyter et al teaches a method for scanning network devices connected to 
a network, comprising: (a) detecting connection of a first network device to the network (See 
page 4, paragraph [0024], when a new host, or a new port on an existing host is found it is placed 
at the top of the priority list to be scanned immediately); and performing remote agentless 
scanning of the first network device automatically in response to detection of the first network 
device to thereby avoid downloading a software agent to the first network device (See page 5, 
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paragraph [003 1), the purpose of the vulnerability scanner Daemon is to run vulnerability test on 
host found by the host scanner Daemon and the Port scanner Daemon, All vulnerability checks 
are performed by plug-ins installed in the plug-ins database), 

b. As per claim 2, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (a) further comprises inspecting data packets 
communicated over the network (See page 2, paragraph [0012])) 

c. As per claims 3 and 16, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein the detecting step further comprises querying a 
database (See page 2, paragraph [0012], accessing a control database for determining designated 
address, storing the status of each active host and inactive host in the control database), 

d. As per claim 4, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches broadcasting pings on the network, continuously examining 
address resolution protocol tables, continuously monitoring event logs, transmitting a 
Lightweight Directory Access Protocol (LDAP) query, and transmitting a Domain Name System 
query (See page 10) 

e. As per claim 6, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (b) further comprises determining a property of 
the first network device (See page 9, paragraph [0053]). 
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f. As per claim 7, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (b) further comprises determining identity of the 
first network device (See page 9, paragraph [0053]). 

g. As per claim 8, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein the determining of the identity of the first network 
device further comprises at least one of querying a database where the type has been determined, 
examining network traffic, analyzing network behavior, probing the first network device for 
signature responses, attempting to log into the device using a series of protocols, logging into the 
first network device and querying data within the device (See page 2, paragraph [0012] and page 
5, paragraph [0031]), 

h. As per claim 9, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches scanning at least one of a configuration, file, data, a software 
version, a patch, inventory, hardware, and a security vulnerability of the first network device 
(See page 5, paragraph [003 1]). 

i. As per claim 1 1, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (b) further comprises comparing at least one 
security setting of the first network device with a predetermined security setting (See page 5, 
paragraph [0031]). 
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j. As per claim 12, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (b) further comprises at least one of installing a 
software patch on the first network device, installing anti-virus software on the first network 
device, and determining if the first network device is part of a windows domain (See page 3, 
paragraph [0021] and page 9, paragraph [0053]). 

k. As per claims 14 and 20, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches at least one of setting a security policy on the first network 
device, auditing the security policy of the first network device, ensuring compliance with a 
predetermined security policy, and reportmg result (See page 5, paragraph [0031]). 

1. As per claim 16, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches in view of Watkins et al fails to teach wherein the detecting 
module continuously polls a database for data corresponding to newly attached network devices 
(See page 

m. As per claim 17, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein the scanning module remotely scans the first network 
device upon detecting data corresponding to the first network device in the database (See page 4, 
paragraph [0027]). 
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n. As per claim 18, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches a history database storing scan resuhs of a scan performed by 
the scanning module (See page 5, paragraph [0031]). 

o. As per claim 21, Boyter et al teaches a method for examining a first network device 
connected to a network, comprising: (a) querying a database for data representing connection of 
network devices to a network (See page 2, paragraph [0012](b) determining connection of a first 
network device to the network by locating data about the first network device in the database 
(See page 2, paragraph [0012] and page 6, paragraph [0012]) (c) determining properties 
associated with the first network device to determine the identity of the first network device (See 
pages 4 and 5, paragraph [0028] and page 9, paragraph [0053]); (d) determining items to scan 
based on at least one of the properties (See page 5, paragraph [003 1]); and (e) performing remote 
agentless scanning of the first network device in response to the determination of the connection 
of the first network device to the network to thereby avoid downloading a software agent to the 
first network device (See page 5, paragraph [003 1]). 

p. As per claim 22, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (c) fiirther comprises determining at least one of 
credentials associated with the first network device and type of the first network device (See 
page 4, paragraph [0028] and page 9, paragraph [0053]). 
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q. As per claim 23, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (c) further comprises at least one of querying a 
database where the identity has already been determined, examining network traffic, analyzing 
network behavior, probing the device for signature responses, and logging into the device to 
query data (See page 2, paragraph [0012]), 

r. As per claim 24, Boyter et al teaches the claimed invention as described above. 
Furthermore, Boyter et al teaches wherein step (e) further comprises selecting a set of security 
poUcy settmgs to audit (See page 10, paragraph [0055]). 



Oaim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 13, 19 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. 
Patent Application No. 2003/0212779 to Boyter et al in view of U.S. Patent Application No. 
2004/0268145 to Watkins et al. 



a. As per claims 13, 19 and 25, Boyter et al teaches the claimed invention as described 
above. However, Boyter et al fails to teach at least one of enabling the first network device to 
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have additional access to the network, denying the first network device access to the network, 
notifying another about the first network device based on results of the scan, and quarantining 
the first network device. 

Watkins et al teaches one of enabling the first network device to have additional access to 
the network, denying the first network device access to the network, notifying another about the 
first 1, paragraph [0009], the results of these checks are returned via the web and are used for 
security decisions involving the granting of authorization to access network services). 

It would have been obvious to one with ordinary skill in the art at the time the invention 
was made to incorporate at least one of enabling the first network device to have additional 
access to the network, denying the first network device access to the network, notifying another 
about the first network device based on results of the scan, and quarantining the first network 
device as taught by Watkins et al in the claimed invention of Chari et al in order to provide a 
reUable cUent integrity scheme that can consistently regulate access to network services or 
resources on the observed integrity properties of remote network devices requesting access (See 
page 1, paragraph [0007]). 

7. Claims 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Application No, 2003/0212779 to Boyter et al as appUed to claim 1 above, and further in view of 
U.S. Patent Application No. 2001/0047401 to Moore et al. 

a. As per claim 5, Boyter et al teaches the claimed invention as described above. However, 
Boyter et al fails to teach wherein step (b) further comprises determming at least one of whether 
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the first network device is plugged into a wall socket, whether the first network device is 
connecting to the network via wireless access, and whether the first network device is connecting 
to the network via a Virtual Private Network. 

Moore et al teaches a system and methods for determining the physical location of a 
computer's network interface. Furthermore, Moore et ai teaches determining at least one of 
whether the first network device is plugged into a wall socket, whether the first network device is 
connectmg to the network via wireless access, and whether the first network device is connecting 
to the network via a Virtual Private Network (See page 9, paragraph [01 1 1]), 

It would have been obvious to one with ordinary skill in the art at the time the invention 
was made to incorporate determining at least one of whether the first network device is plugged 
into a wall socket, whether the first network device is connecting to the network via wireless 
access, and whether the first network device is connecting to the network via a Virtual Private 
Network as taught by Moore et al in the claimed invention of Boj^er et al in order to determine 
the connectivity type of the networks (See page 9, paragraph [0112] 

Conclusion 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL, See MPEP § 706.07(a). 
Applicant is reminded of the extension of time poUcy as set forth in 37 CFR 1 . 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 



Application/Control Number: 10/683,564 



Page 10 



Art Unit: 2141 

MONTHS of the mailing date of this fmal action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
fmal action. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Djenane M. Bayard whose telephone number is (571) 272-3878. 
The examiner can normally be reached on Monday- Friday 5:30 AM- 3:00 PM., 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Rupal Dharia can be reached on (571) 272-3880. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published appUcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
appUcations is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EEC) at 866-217-9197 (toll-free). 

Djenane Bayard X]l /a y 



Patent Examiner 
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